Open Stack

+1

There are lots of concurrent requests to the quota management service if it's shared for projects, especially if it's shared for multi-regions (KeyStone can be global service for multi-regions), also latency will affect the end user experience. POC is good idea to verify the concept.

Best Regards
Chaoyi Huang ( Joe Huang )

-----Original Message-----
From: Kevin L. Mitchell [mailto:kevin.mitchell at rackspace.com] 
Sent: Thursday, November 20, 2014 7:40 AM
To: openstack-dev at lists.openstack.org
Subject: Re: [openstack-dev] Quota management and enforcement across projects

On Thu, 2014-11-20 at 10:16 +1100, Blair Bethwaite wrote:
> For actions initiated directly through core OpenStack service APIs 
> (Nova, Cinder, Neutron, etc - anything using Keystone policy), 
> shouldn't quota-enforcement be handled by Keystone? To me this is just 
> a subset of authz, and OpenStack already has a well established 
> service for such decisions.

If you look a little earlier in the thread, you will find a post from me where I point out just how complicated quota management actually is.  I suggest that it should be developed as a proof-of-concept as a separate service; from there, we can see whether it makes sense to roll it into Keystone or maintain it as a separate thing.
--
Kevin L. Mitchell <kevin.mitchell at rackspace.com> Rackspace


_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev